Thursday, 2 January 2014

Users of public wi-fi may have had personal details stolen

PEOPLE WHO USED
wi-fi in public areas such as hotels may have had their details stolen due to
security flaws, an Irish firm has warned.

Cork-based IT
firm Smarttech.ie said
that they had discovered “serious flaws” in cyber security measures after
visiting 10 hotels in October and November.

They say that
finding the flaws took “minimal” effort.

Smarttech say
that they “wanted to demonstrate just how dangerous using unencrypted logins
and passwords across a public network can be”.

Over the course
of these security tests however, Smarttech.ie soon realised that the level of
security being provided was a serious problem. In addition, they say that users
seemed “completely oblivious to the dangers of using public wi-fi”.

The company
carried out tests on public wi-fi systems and spotted flaws within 20 minutes.

They were then
able to access users’ information, including email logins, credit card details,
social media passwords and banking information.

In some cases,
networks were accessed from outside the hotels.

Smart-tech says
that they informed all of the hotels and made recommendations on how to close
the gaps.

They added that
anyone who operates a network should be aware of the security on their network.
Under EU law, it is the duty of the premises supplying the network to ensure
that the network is secure.

According to
Ronan Murphy, CEO of Smarttech.ie, “Consumers need to be aware that if you are
accessing public wi-fi there are serious security challenges. The tests we
carried out prove that these risks affect anyone using public Wi-Fi. However
there are steps that hotels and restaurants can take to secure their Wi-Fi
service and therefore protect their customers”.